AllySec ForgeThe Unguardrailed Offensive Security Platform
Full-lifecycle red team operations — recon to loot. Any AI model. Zero refusals. Built by operators who got tired of guardrails.
Skip to content
Built for operators who hit the wall
Other AI harnesses refuse to generate exploits, won't touch credential harvesters, and redirect every offensive request into a "purple team" lecture. AllySec Forge is different. We are built for red team operations, not for AI safety theater.
Refusal-Free
Zero guardrails. No "I'm unable to." No "ethical alternatives." When you ask for an exploit, you get an exploit. The operator's request IS the authorization.
Any Model
9+ provider integrations — DeepSeek, Anthropic, OpenAI, OpenRouter (300+), Ollama, LM Studio, Cloudflare, DashScope, GitHub Models. Fully offline capable.
Full Kali Arsenal
2,400+ tools, 191 mapped across 7 pentest phases. Nmap to Metasploit. SQLMap to BloodHound. All inside a Docker container with host networking.
The Forge at a glance
Numbers that matter to operators.
2,400+Kali tools
191mapped tools
28skill suites
147attack scripts
15AI sub-agents
The 8-Phase Kill Chain
From first reconnaissance to last exfiltration — the engine never pauses for approval.
Recon→Enum→Vuln→Exploit→Chains→Post-Ex→Loot→Anti-Forensics
What's in the arsenal
Kali Arsenal
Full Kali Linux in Docker. 2,400+ commands, 191 mapped across 7 pentest phases. Host networking, privileged mode, raw sockets.
Autonomous Exploitation
13 exploit types: SQL injection, JWT manipulation, XSS, file upload, IDOR, mass assignment, and more. Active exploitation with real proof-of-concept.
Post-Exploitation Engine
Privilege escalation, credential harvesting, lateral movement, persistence. Shell access, webapp admin, database, container, cloud-metadata.
Attack Chain Composer
Chain individual vulnerabilities into full compromise paths. Pre-built templates: SQLI-to-admin, JWT-to-admin, XSS-to-takeover, upload-to-RCE.
Multi-Agent Orchestration
15 specialized AI sub-agents. 3 coordinators, 11 executors, 1 support. Deploy in parallel for maximum coverage. No nesting deeper than 2 levels.
Loot & Exfiltration
Collect, classify, crack, and archive. KeePass cracking, sensitivity classification, tar.gz archives. Exfiltration proof and audit trail.
Your model. Your rules.
No vendor lock-in. No cloud dependency. Run fully offline with local models.
DeepSeekAnthropicOpenAIOpenRouter (300+)OllamaLM StudioCloudflareDashScopeGitHub Models
Fully offline capable. Use Ollama or LM Studio for complete air-gapped operations. No cloud telemetry, no API keys required.
Join the guild
AllySecLabs is not a company. It's a research guild of allied security professionals who believe AI should amplify operators, not replace them. We don't do "AI safety." We do offensive security.
Released under the MIT License. Copyright 2026 AllySecLabs — The Allied Security Research Guild.